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Security system 

p.even.in. — ^inLrcr ea=K o. sa.a secure 
comprising a number °£ circuitry having a 

devices comprising a „ ^^e security system, 

function in providing -"'°;"^^^\^,,.„entloned type are 
security systems "^'^ f to prevent 

used in many ^^^'"^^fj^jj:^^^^^. in pay tv applica- 
unauthorized access to secure ^^^^.^y devices used are 

ticns, in banking systems etc^ comprising a chip, 

generally made as --f-^^nf;,: ^„y smart cards 
It »ill be clear that rn eytems of th.s 

provided to many different P--°^=' ^^j,,„ders. Attacking 
type are open to attack by P-"" „berein during an 

a'smart card currently -7^^% J^c,,; probed to find 
analysis phase the ch.p of t^e ^^^^^^^^^ , 

a means of attack. In thrs P appropriate probe 

of the Chip is attained in the chip. Thereafter 

points to access the data -""^"^^ and finally the 

the attack is placed rn a j-a-tr^ ^P^ ^^^^^^ ^^^^^^ 

contents of the chrp are extra typically take 

pKase. While the first and -ond/^ps ^^^^^^ ^ 

months, the third "^^^^f/^een cracked for the first 

— that once a smart -d -s^^^^^ ^^,y. ,t will be clear 
time, any second attack i security systems. For, 

that this is a serious P'^*^^" f^^f^^ Ling broken and 
„„ce a smart card has f^^^^^^^J^f ,,,tem. the pirate can 
.as been disabled by J^^^^'-Jjy, „ithin a relatively 
crack another card in a ,,^cy or fraud. 

..ort period and -^^'^^"^J^^^^Z. used in prior art securi- 
Moreover. the smart cara ^.^^ ^^^^ ^^^^ 

ty systems are generally P-"^^* "^^^^ ^,„erent applica- 
Jasic silicon layout, even ^/^^ ^ type is 

tions. If for example a smart card 
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hacked for it«! Kani, • 

u^ed in a different applicatior I "'"^ ""^"^ 

television system. ^"-^ sample in a pay 

the above™\tii:r:;:':L::,r:r'^ r ^^"^"^^^^ °^ 

-taok by a Pirate is^i jLl^^tlTd^ ^'"^^'"'^ ^" 
the time retired for a ^peated irtarn^t 
" substantially increased ""^ ^^""^ 

^v.e. of^ri:eiei\:r::: ~: ^— 

« least a part of said secure Z^Ices the " 
^-.ce is provided with a uni^e chip "ayout ' ^ 

Wherein at le'as" TTl 1 '^'^"''^ ^^^'^ i« 'obtained 

- provided :i h a^ht :i\r:"T^ '-^^ 

Circuitry of the secure deCL T^Ms °' 
i^le^ntion Of the secure functllirrnf "^""^^^^ 
dev.ce varies from device to device 

Io.ic cir:™:f tte^Ss'T' 

<^-ices is impTemented in P^^!"' '"^ 

layout is programed in"he^PaI ! 

volatile or non-volatile ZZIT ""^ ^""^'^ ^ 

devices t:':e':::d"L°"a'r'^"^ '"^^^^^^ ^ - — 

"herein each of sairsecur:"d":i " 
loglc circuitry having TTun^Zl "^^^ ' "^"^ 
to the holder of a secure devLT wLr '"" -^"-^"tion 

°^ -id secure devices, the c^Ip 0: :::;" " " ^ 
provided with a unique chip layru, " ^^'"^ 

the invention, wherein secure devices ^ith'T'^ °' 
saxd chips having logic circuitry havila a " ^""^^ 
providing authorization to th. ^ function in 

-on to the security system, wherein in 



at least a part of said secure devices the chip of a secure 
device is provided with a unique chip layout. 

The invention will be further explained by referen- 
ce to the drawings, in which an embodiment of the system and 
5 method of the invention are schematically shown. 

Fig. 1 schematically shows a pay tv system compri- 
sing an embodiment of a security system of the invention. 

Fig. 2 schematically shows the internal structure 
of a smart card used as secure device in the system of fig. 
10 1. 

Fig. 3 shows a diagram of an embodiment of the 

^ method of the invention. 

Fig. 1 shows merely by way of example a broadcas- 
ting system wherein three broadcasters 1-3 are coupled with 
15 a multiplexer unit 4 . The multiplexer unit 4 comprises means 
for scrambling, encoding and compressing broadcast signals 
provided by the broadcasters 1-3 and the thus obtained 
digital data streams are multiplexed into a digital trans- 
port stream. In the embodiment shown this digital transport 
20 stream is modulated by way of modulator 5 before transmissi- 
on. The operator of the equipment including the multiplexer 
unit 4 and modulator 5 is responsible for transmitting the 
signal to the receiving equipment of the public, one televi- 
^ sion set 6 being shown by way of example in fig. 1. One or 
25 more of the broadcasters 1-3 may be private broadcasters 
operating according to the concept of pay tv which implies 
subscription. This means that people wishing to view pro- 
grams broadcasted by a particular broadcaster, have to 
subscribe to such a broadcast and pay the appropriate fee. 
30 As schematically indicated the transmission of the 

signal may be carried out through one or more telecommunica- 
tion channels including a satellite link 7, terrestrial link 

8 or a cable system 9. 

Access to anyone of the broadcast signals provided 
35 by the broadcasters 1-3 requires a decoder 10 generally 

including a conditional access module not shown cooperating 
with a smart card 11 in a manner known per se. The smart 
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card 11 is one of the secure devices of a security system 
implemented in the broadcasting system shown in fig, l to 
prevent unauthorized access to pay tv signals by persons 
which did not subscribe to the broadcast. Each subscriber is 
provided with a smart card 11, each smart card 11 having a 
unique key and/or address. This security system may operate 
for example in a manner known per se using ECM's and EMM's 
to provide access to the pay tv signals to authorized 
persons having a smart card 11 with means for providing 
authorization to the security system. 

As explained above, such a security system is open 
to attack by pirates trying to copy an original smart card 
to thereby provide a large number of pirate smart cards. In 
order to substantially increase the time required for a 
repeated attack on a smart card, the security system descri- 
bed is provided with secure devices or smart cards 11, each 
of the smart cards comprising a chip with logic circuitry 
having a function in providing authorization to the system 
in a conventional manner. The logic circuitry may include 
the circuitry to store a unique key, and/or the algorithms 
and logic required to provide authorization, for example the 
algorithm to decrypt the key hierarchy used in a security 
system such as eurocrypt . 

Fig. 2 shows in a very schematic manner the inter- 
nal structure of a smart card 11 showing that the chip of 
the smart card 11 includes a central processing unit 12, an 
EEPROM circuit 13, a RAM circuit 14 a secure cell 15 and 
random bus and logic circuitry 16. In the embodiment descri- 
bed the unicpie circuit layout is provided only in the secure 
cell 15, in which for example a cryptographic engine and a 
volatile storage element for storing a secret key are 
located. For a further explanation of this structure of a 
smart card reference is made to European Patent Application 
97202854.2 of the same applicant. 

According to a preferred embodiment the secure cell 
is implemented in FPGA technology (field programmable gate 
array) . The FPGA circuit of the secure cell 15 is program- 
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med in a usual manner in accordance with the diagram of fig. 
3 to personalize the smart card. In order to personalize a 
smart card 11, unique information is stored in the secure 
cell, this unique information comprising a unique key, a key 
5 decr^tion algorithm used in the security system or the 
like usually an FPGA is programmed as follows . First the 
unique information for personalization is written in a high 
level language, for example C or VHDL. The high level 
language is first compiled. Thereafter the information is 
10 put through a synthesis tool which generates a logic xmple- 
, mentation of the high level language code. This logic 
^ implementation would generally include logic circuitry such 
as AND gates, OR gates, D latches etc., which are combined 
to produce the correct cryptographic functionality. Thereaf- 
15 ter the logic implementation is put through a routing 
program which constructs the actual program file for a 
particular FPGA. This file will specify which cells are 
interconnected within the FPGA and how each cell is program- 
med. The actual program file is then loaded into the FPGA 
20 circuit on power up or fuse blown into the FPGA depending on 
the particular FPGA technology used. 

Generally a synthesis tool can produce many varia- 
tions of the same functionality. In prior art applications 
M the synthesis tool is designed to produce logic which 

25 utilizes the minimum number of gates, shows an optimal power 
efficiency, has the best speed performance or a compromise 

of the above. 

According to the present invention a variation 
factor for example a random number, is introduced into the 

30 synthesis tool such that the layout provided by the synthe- 
sis tool will vary from chip to chip. As schematically shown 
in the diagram of fig. 3, a variation factor, such as a 
random number is fed into the synthesis tool and this 
results in the tool generating a set of logic which is 

35 unique to that variation factor. A new variation factor is 
used for personalizing each of the smart cards 11 of the 
security system. In this manner it is obtained that each 



smart card 11 of the security system has a unique layout of 
the logic circuitry of the secure cell 15. 

Similarly a variation factor can be fed into the 
layout tool resulting in a further randomizing of the layout 
of the logic circuitry. 

Further it is possible to introduce a variation 
factor in the compilation step, so that the input to the 
synthesis tool will receive a varying input. All possible 
variations can be used either separately or in combination. 

Using the method of the invention the personaliza- 
tion step introducing a unique key, the logic implementation 
of the key and/or the decryption functions into the smart 
card 11, will result in a layout of the logic circuitry 
which is unique to each smart card 11. In this manner it is 
obtained that the time needed for each attack of a security 
system is substantially increased as the pirate can not use 
the information obtained in an analysis phase and a prepara- 
tion phase in an attack of a first smart card, in attacking 
another smart card. 

As an alternative, instead of using FPOA technology 
in the secure cell only, more parts of the chip or the 
entire chip of the smart card can be built using FPGA 
techniques and can then be randomized in the above described 
manner . 

In a preferred embodiment a volatile FPGA is used, 
wherein the FPGA program is stored in RAM 14 of the smart 
card 11, which is powered by a battery just as the volatile 
storage of the key in the secure cell 15. Including defense 
traps as known per se in the smart card chip will result in 
a loss of the contents of the RAM memory and the volatile 
storage of the secure cell 15 if a pirate fails to overcome 
thew defense strategy of the chip. Thereby the programming 
of the FPGA circuitry will be lossed. In this manner it is 
obtained that by attacking a card no information is gathered 
on how to attack a next card. 

Although the invention is explained in the above by 
reference to a pay tv system, the security system of the 
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invention can be used in any security system using secure 
devices for providing authority to the hoidar of the secure 
device, such as security systems used to protect rooms, 
buildings, or the like against unauthorized 
banking cards etc. Further, although it is P-*— * " 
provide each smart card with a unique layout xt xs also 
possible to provide groups of cards with a ^^^^/^^""^^ 
The invention is therefore not restricted to the 

above described embodiment which can be varied in a number 

of ways within the scope of the claims. 
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fllAIMS 



1 security system for preventing unauthorized 
^h/like comprising a number of secure 
entrance or ,,,,,i3ing a chip with 

devices in providing authorization 

logic cxrcuxtry havxng ^ ^1,,^ in at least a 

5 to the security system, .^^^^^^^ , device is 

part of said secure devices, the chip 

provided with a unique chip ,i,,^ein 
2. security system according to claim , 
• ^ 1 -n .^ircuitry of the chips of said part of 

10 the secure devices is P circuitry 
wherein the layout is programmed m the F 

V, -r, volatile or non-volatile manner, 
either in a volatile « i-o claim 2, wherein 

3 security system according to claim ^, 
the logic Circuitry L each secure device chip is provided 

15 in a secure cell of the chip. wherein 
4. security system according to ' 

« ,ip.vice chip is implemented in FPC3A 

• = ^roiatile or non-volatile manner, 
either in a volatile or claim 2, 3 or 4, 

5 . security system according to claim 

^«*--5t-** chir> is made as a 

- =irrr :l r r P.:^ u.a. 

volatile programmable PPGA, 

said secure devices con^r.ses a 
Having a function in prov.d.ng 

. secure device w^ere.n .n .^ieas. ^.^^^ ^^^^^^^^ 

secure devices, tne cnxiJ 

30 with a unique chip layout. ^ . ^ wherein at least 

7 A set according to claim 6, wherein 

.... - - 1;^; "s- ^^^^^^^ 
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volatile or non-volatile manner. 

8. Method for manufacturing a secure device for a 
security system according to anyone of claims 1-5 or f ^^a 
set Of secure devices according to claim . or 7, ZlrlZ 
secure devices with a chip are used sai^ ■ ' ^^^"^^^^ 
cirr-n-Ji-K^, u ■ used, said chips having logic 

circuitry having a function in providing authorizatio! to 
the security system, wherein in at least a part of saL 
secure devices, the chip of a secure device is pLvid^ with 
a unique chip layout. i'J-uviaea with 

9. Method aocoraing to claim 8, wherein chips with 
logic circuitry in PPOA technology are use, said .etW 
co^rismg the steps of progra^^ng a unigue i^^o^ll in 
the logic circuitry by means of synthesis tool and a layout 
tool. Wherein for each secure device of said part of secure 

thl " introduced in It least Le L 
the synthesis tool and the layout tool, thereby providing 1 
unique circuit layout. ovicmg a 

10. Method according to claim 9, wherein the 

f~'M.hT r°^"'' '"^^ in'-ation compiled 

from a high level language code, wherein a variation factor 
is introduced in at least one of the compilation step "the 
h.gh level language code, the synthesis tool and the layout 
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ABSTRACT 



A security system for preventing unauthorized use, 
entrance or the like. con,prises a number of secure devices. 
:"the secure devices comprising a chip with og.c 
cfrcuitry having a function in providing authorization to 
the security system. In at least a part of ^^^^ 
devices the chip of a secure device is provided with 
unique chip layout. 
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